Cybersecurity

Cybersecurity
Unit 42 Exposes TuxBot v3 Iranian-Linked IoT Botnet With DDoS-for-Hire
Palo Alto Networks Unit 42 exposed TuxBot v3, an Iranian-linked IoT botnet targeting 17 CPU architectures with DDoS-for-hire capabilities and AI-generated code.
Cybersecurity
CoinbaseCartel Hits Panasonic Avionics; Pear Targets US Healthcare
CoinbaseCartel claimed Panasonic Avionics, Pear ransomware hit two US healthcare providers, and six groups posted victims across multiple sectors and countries.
CVE Vulnerability Alerts
SonicWall SMA1000 CVSS 10.0 Zero-Day Hits Remote Access Gateways
SonicWall warns of active exploitation of CVE-2026-15409 (CVSS 10.0) and CVE-2026-15410 in SMA1000 appliances. Federal agencies must patch by July 17.
Application Security
CISA Adds Three SharePoint CVEs to KEV as Auth-to-RCE Chain
CISA added three SharePoint CVEs to its KEV catalog after confirming active attack chains combining auth bypass, code execution, and IIS machine key theft.
Cybersecurity
DOJ Charges Three Russians Behind LockBit, Play Hosting Network
The DOJ unsealed charges against three Russians who ran Media Land and ML.Cloud, bulletproof hosting that served LockBit, Blacksuit, and Play ransomware.
Application Security
Progress ShareFile Path Traversal Zero-Day Confirmed, Patches Out
Progress confirmed a path traversal zero-day in ShareFile SZC 5.x and 6.x after ordering an emergency shutdown. Patches 5.12.5 and 6.0.2 are now available.
Cybersecurity
300 Fake GitHub Repos Deliver BoryptGrab Chrome Bypass Infostealer
ArcticWolf exposed a campaign using 300 fake GitHub repos to deliver BoryptGrab, an infostealer that bypasses Chrome App-Bound Encryption via code injection.
Application Security
Unpatched Claude for Chrome Flaw Exposes Gmail and Calendar Data
Manifold disclosed two unpatched flaws in Claude for Chrome allowing malicious extensions to invoke the AI agent and silently access Gmail and Google Calendar.
Application Security
AsyncAPI npm Packages Backdoored to Deploy Miasma Botnet Loader
Four official AsyncAPI npm packages were compromised to deliver Miasma, a botnet loader using six C2 channels including Ethereum smart contracts and IPFS.
Cybersecurity
Spanish Police Break Up €140M BEC Ring Spanning Four Countries
Spanish National Police and Europol dismantled a €140 million BEC and investment fraud ring, arresting four suspects across Spain, Portugal, and Panama.